Awesome-Mirrors/awesome-malware-analysis
1
0
Fork 0
mirror of https://github.com/rshipp/awesome-malware-analysis.git synced 2024-10-01 06:35:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

Clean up whitespace and redirects

Browse Source
This commit is contained in:
rshipp 2016-06-30 20:05:30 -06:00
parent e4046baa69
commit fe57646480
No known key found for this signature in database
GPG Key ID: 1F4037ED24A4D1F0
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
README.md
View File

@ -137,7 +137,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
*Threat intelligence and IOC resources.*
* [Autoshun](http://autoshun.org/) ([list](http://autoshun.org/files/shunlist.csv)) -
* [Autoshun](https://autoshun.org/) ([list](https://autoshun.org/files/shunlist.csv)) -
Snort plugin and blocklist.
* [CI Army](http://cinsscore.com/) ([list](http://cinsscore.com/list/ci-badguys.txt)) -
Network security blocklists.
@ -229,7 +229,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
legal concerns by the author.
* [DeepViz](https://www.deepviz.com/) - Multi-format file analyzer with
machine-learning classification.
* [detux](https://github.com/detuxsandbox/detux/) - A sandbox developed to do traffic analysis
* [detux](https://github.com/detuxsandbox/detux/) - A sandbox developed to do traffic analysis
of Linux malwares and capturing IOCs.
* [Document Analyzer](https://www.document-analyzer.net/) - Free dynamic analysis of DOC and PDF files.
* [DRAKVUF](https://github.com/tklengyel/drakvuf) - Dynamic malware analysis
@ -239,7 +239,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
analysis tool, powered by VxSandbox.
* [IRMA](http://irma.quarkslab.com/) - An asynchronous and customizable
analysis platform for suspicious files.
* [Joe Sandbox](https://www.joesecurity.org) - Deep malware analysis with Joe Sandbox.
* [Joe Sandbox](https://www.joesecurity.org) - Deep malware analysis with Joe Sandbox.
* [Jotti](https://virusscan.jotti.org/en) - Free online multi-AV scanner.
* [Malheur](https://github.com/rieck/malheur) - Automatic sandboxed analysis
of malware behavior.
@ -249,8 +249,8 @@ A curated list of awesome malware analysis tools and resources. Inspired by
analysis of malware.
* [Metadefender.com](https://www.metadefender.com) - Scan a file, hash or IP
address for malware (free)
* [NetworkTotal](https://www.networktotal.com/index.html) - A service that analyzes
pcap files and facilitates the quick detection of viruses, worms, trojans, and all
* [NetworkTotal](https://www.networktotal.com/index.html) - A service that analyzes
pcap files and facilitates the quick detection of viruses, worms, trojans, and all
kinds of malware using Suricata configured with EmergingThreats Pro.
* [Noriben](https://github.com/Rurik/Noriben) - Uses Sysinternals Procmon to
collect information about malware in a sandboxed environment.
@ -355,8 +355,8 @@ the [browser malware](#browser-malware) section.*
the backend-free version of PDF X-RAY.
* [peepdf](http://eternal-todo.com/tools/peepdf-pdf-analysis-tool) - Python
tool for exploring possibly malicious PDFs.
* [QuickSand](https://www.quicksand.io/) - QuickSand is a compact C framework
to analyze suspected malware documents to identify exploits in streams of different
* [QuickSand](https://www.quicksand.io/) - QuickSand is a compact C framework
to analyze suspected malware documents to identify exploits in streams of different
encodings and to locate and extract embedded executables.
* [Spidermonkey](https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey) -
Mozilla's JavaScript engine, for debugging malicious JS.
@ -388,14 +388,14 @@ the [browser malware](#browser-malware) section.*
& [iheartxor](http://hooked-on-mnemonics.blogspot.com/p/iheartxor.html) -
Two tools from Alexander Hanel for working with single-byte XOR encoded
files.
* [FLOSS](https://github.com/fireeye/flare-floss) - The FireEye Labs Obfuscated
String Solver uses advanced static analysis techniques to automatically
* [FLOSS](https://github.com/fireeye/flare-floss) - The FireEye Labs Obfuscated
String Solver uses advanced static analysis techniques to automatically
deobfuscate strings from malware binaries.
* [NoMoreXOR](https://github.com/hiddenillusion/NoMoreXOR) - Guess a 256 byte
XOR key using frequency analysis.
* [PackerAttacker](https://github.com/BromiumLabs/PackerAttacker) - A generic
hidden code extractor for Windows malware.
* [unpacker](https://github.com/malwaremusings/unpacker/) - Automated malware
* [unpacker](https://github.com/malwaremusings/unpacker/) - Automated malware
unpacker for Windows malware based on WinAppDbg.
* [unxor](https://github.com/tomchop/unxor/) - Guess XOR keys using
known-plaintext attacks.
@ -414,7 +414,7 @@ the [browser malware](#browser-malware) section.*
* [angr](https://github.com/angr/angr) - Platform-agnostic binary analysis
framework developed at UCSB's Seclab.
* [bamfdetect](https://github.com/bwall/bamfdetect) - Identifies and extracts
* [bamfdetect](https://github.com/bwall/bamfdetect) - Identifies and extracts
information from bots and other malware.
* [BARF](https://github.com/programa-stic/barf-project) - Multiplatform, open
source Binary Analysis and Reverse engineering Framework.
@ -463,7 +463,7 @@ the [browser malware](#browser-malware) section.*
analysis.
* [Radare2](http://www.radare.org/r/) - Reverse engineering framework, with
debugger support.
* [ROPMEMU](https://github.com/vrtadmin/ROPMEMU) - A framework to analyze, dissect
* [ROPMEMU](https://github.com/vrtadmin/ROPMEMU) - A framework to analyze, dissect
and decompile complex code-reuse attacks.
* [SMRT](https://github.com/pidydx/SMRT) - Sublime Malware Research Tool, a
plugin for Sublime 3 to aid with malware analyis.
@ -541,8 +541,8 @@ the [browser malware](#browser-malware) section.*
memory forensics framework.
* [VolUtility](https://github.com/kevthehermit/VolUtility) - Web Interface for
Volatility Memory Analysis framework.
* [WinDbg](https://msdn.microsoft.com/en-us/windows/hardware/hh852365) - Live
memory inspection and kernel debugging for Windows systems.
* [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit) -
Live memory inspection and kernel debugging for Windows systems.
## Windows Artifacts
@ -564,20 +564,20 @@ the [browser malware](#browser-malware) section.*
malware and threat repository.
* [Malwarehouse](https://github.com/sroberts/malwarehouse) - Store, tag, and
search malware.
* [Polichombr](https://github.com/ANSSI-FR/polichombr) - A malware analysis
* [Polichombr](https://github.com/ANSSI-FR/polichombr) - A malware analysis
platform designed to help analysts to reverse malwares collaboratively.
* [Viper](http://viper.li/) - A binary management and analysis framework for
analysts and researchers.
## Miscellaneous
* [al-khaser](https://github.com/LordNoteworthy/al-khaser) - A PoC malware
* [al-khaser](https://github.com/LordNoteworthy/al-khaser) - A PoC malware
with good intentions that aimes to stress anti-malware systems.
* [Binarly](http://binar.ly/) - Search engine for bytes in a large corpus
of malware.
* [Binarly](http://www.binar.ly/search) - Search engine for bytes in a large
corpus of malware.
* [DC3-MWCP](https://github.com/Defense-Cyber-Crime-Center/DC3-MWCP) -
The Defense Cyber Crime Center's Malware Configuration Parser framework.
* [MalSploitBase](https://github.com/misterch0c/malSploitBase) - A database
* [MalSploitBase](https://github.com/misterch0c/malSploitBase) - A database
containing exploits used by malware.
* [Pafish](https://github.com/a0rtega/pafish) - Paranoid Fish, a demonstration
tool that employs several techniques to detect sandboxes and analysis